diff --git a/conf/nginx.conf b/conf/nginx.conf index 1750d6a..9ab915b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,3 +1,12 @@ +# Add .mjs as a file extension for javascript +# Either include it in the default mime.types list +# or include you can include that list explicitly and add the file extension +# only for Nextcloud like below: +include mime.types; +types { + text/javascript js mjs; +} + location ^~ /.well-known { # The following 6 rules are borrowed from `.htaccess` diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 0f1d6a1..e9b7da8 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1,19 +1,24 @@ -### How to use CLI commande +### Manually running Nextcloud commands -`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` +You can run Nextcloud commands from the command line using: -or use `sudo yunohost app shell __APP__` then run `php occ ...` +``` +sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +``` -### Configure ONLYOFFICE integration +Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __APP__`, then run `php occ ...` + +### ONLYOFFICE integration + +ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud #### With YunoHost App (ARM64 support, better performance) -For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) +For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) #### Alternative: With Nextcloud App (no ARM support, lower performance) -Nextcloud features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app. -To install and configure it: +Nextcloud features a direct integration of ONLYOFFICE through a Nextcloud app. - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server. - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server. - Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE. diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md index 3a691ba..85445bd 100644 --- a/doc/ADMIN_fr.md +++ b/doc/ADMIN_fr.md @@ -1,21 +1,24 @@ -### Comment utiliser la commande CLI +### Exécuter manuellement des commandes Nextcloud -`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` +Vous pouvez lancer des commandes Nextcloud depuis la ligne de commande avec: -ou utilisez `sudo yunohost app shell __APP__` puis `php occ ...` +``` +sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +``` -### Configurer l'intégration d'ONLYOFFICE +Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell __APP__`, puis lancer `php occ ...` + +### Intégration d'ONLYOFFICE + +ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud #### Avec l'application YunoHost (support ARM64, meilleures performances) -Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) +Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) -#### Alternative: Avec l'application Nextcloud (pas de support ARM, performances limitées) +#### Alternative: avec l'application Nextcloud (pas de support ARM, performances limitées) -Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud. -Pour l'installer et la configurer : +Nextcloud inclut une intégration directe via une application Nextcloud. - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE. - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE. - Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE. - -*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 diff --git a/scripts/change_url b/scripts/change_url index 6da4c8d..4ba48b3 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -29,24 +29,24 @@ exec_occ() { if [ $change_domain -eq 1 ] then - # Change the trusted domain - exec_occ config:system:set trusted_domains 1 --value=$new_domain + # Change the trusted domain + exec_occ config:system:set trusted_domains 1 --value=$new_domain - # Change hostname for activity notifications + # Change hostname for activity notifications exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" -fi -if [ $change_domain -eq 1 ] -then - # Check if .well-known is available for this domain - if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" - then - ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq + ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload - # Remove lines about .well-known/carddav and caldav with sed. - sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - fi + # Check if .well-known is available for this domain + if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" + then + ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + + # Remove lines about .well-known/carddav and caldav with sed. + sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + fi fi #================================================= diff --git a/scripts/config b/scripts/config index 5a7a2ac..1b5e26b 100644 --- a/scripts/config +++ b/scripts/config @@ -49,7 +49,7 @@ get__fpm_footprint() { fi } -get__free_footprint() { +get__fpm_free_footprint() { # Free footprint value for php-fpm # Check if current_fpm_footprint is an integer if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null @@ -120,7 +120,7 @@ ynh_app_config_validate() { ynh_app_config_apply() { _ynh_app_config_apply - ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint + ynh_add_fpm_config } ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index 9d80eaf..1fbbe7d 100755 --- a/scripts/install +++ b/scripts/install @@ -1,33 +1,11 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers source _ynh_mysql_connect_as.sh -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= - -maintenance_mode=0 -fpm_footprint="high" -fpm_free_footprint=0 -fpm_usage="medium" phpflags="--define apc.enable_cli=1" -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= - -ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode -ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags #================================================= @@ -65,8 +43,9 @@ ynh_setup_source --dest_dir="$install_dir" #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint +ynh_app_setting_set --app=$app --key=fpm_footprint --value=high +ynh_app_setting_set --app=$app --key=fpm_usage --value=medium +ynh_add_fpm_config #================================================= # NGINX CONFIGURATION diff --git a/scripts/remove b/scripts/remove index d09cafe..c39ac68 100755 --- a/scripts/remove +++ b/scripts/remove @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers diff --git a/scripts/restore b/scripts/restore index 4286a7e..65bc4ca 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_connect_as.sh @@ -35,7 +29,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # Recreate a dedicated php-fpm config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion +ynh_add_fpm_config #================================================= # RESTORE THE NGINX CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index e51b5cb..d823668 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,18 +1,8 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - upgrade_type=$(ynh_check_app_version_changed) #================================================= @@ -23,30 +13,6 @@ ynh_script_progression --message="Ensuring downward compatibility..." # Remove the option backup_core_only if it's in the settings.yml file ynh_app_setting_delete --app=$app --key=backup_core_only -# If maintenance_mode doesn't exist, create it -if [ -z "${maintenance_mode:-}" ]; then - maintenance_mode=0 - ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode -fi - -# If fpm_footprint doesn't exist, create it -if [ -z "${fpm_footprint:-}" ]; then - fpm_footprint=high - ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -fi - -# If fpm_free_footprint doesn't exist, create it -if [ -z "${fpm_free_footprint:-}" ]; then - fpm_free_footprint=0 - ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -fi - -# If fpm_usage doesn't exist, create it -if [ -z "${fpm_usage:-}" ]; then - fpm_usage=medium - ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage -fi - # If phpflags doesn't exist, create it if [ -z "${phpflags:-}" ]; then phpflags="--define apc.enable_cli=1" @@ -58,40 +24,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini fi -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 - -# Recreate a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 - -ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" - -# Delete current NGINX configuration to be able to check if .well-known is already served. -ynh_remove_nginx_config -ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" - -# Wait untils NGINX has fully reloaded -ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" - -# Check if .well-known is available for this domain -if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" -then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." - - # Remove lines about .well-known/carddav and caldav with sed. - sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" -fi - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC UPGRADE #================================================= @@ -107,7 +39,7 @@ exec_occ() { # Backward compatibility to upgrade from older versions if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ] then - NEXTCLOUD_PHP_VERSION=$phpversion + NEXTCLOUD_PHP_VERSION="8.2" elif [ $current_major_version -ge 24 ] then NEXTCLOUD_PHP_VERSION="8.1" @@ -117,7 +49,11 @@ exec_occ() { else NEXTCLOUD_PHP_VERSION="7.1" fi - if ! timeout 1 php$NEXTCLOUD_PHP_VERSION 2>/dev/null; then + + # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies + # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... + phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" ynh_install_app_dependencies "$pkg_dependencies" @@ -217,12 +153,12 @@ EOF # Install the next nextcloud version in $tmpdir ynh_setup_source --dest_dir="$tmpdir" - # Enable maintenance mode - exec_occ maintenance:mode --on - # Backup the config file in the temp dir cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php" + # Enable maintenance mode + exec_occ maintenance:mode --on + # Backup 3rd party applications from the current Nextcloud # But do not overwrite if there is any upgrade # (apps directory already exists in Nextcloud archive) @@ -339,21 +275,9 @@ EOF fi #================================================= -# UPDATE THE CRON JOB -#================================================= - -cron_path="/etc/cron.d/$app" -ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" - -exec_occ background:cron - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# REGEN SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Reapplying file permissions..." --weight=2 # Fix app ownerships & permissions chown -R $app:www-data "$install_dir" @@ -365,30 +289,62 @@ chmod 755 /home/yunohost.app chmod 750 $install_dir #================================================= -# SETUP LOGROTATE +# REGEN SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." +ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 -# Use logrotate to manage app-specific logfile(s) +# ------- +# PHP-FPM +# ------- + +ynh_add_fpm_config + +# ------- +# NGINX +# ------- + +# Delete current NGINX configuration to be able to check if .well-known is already served. +ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_remove_nginx_config +ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" + +# Wait untils NGINX has fully reloaded +ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" + +# Check if .well-known is available for this domain +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" +then + ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + + # Remove lines about .well-known/carddav and caldav with sed. + sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" +fi + +# Create a dedicated NGINX config +ynh_add_nginx_config + +# ------- +# CRON JOB +# ------- +cron_path="/etc/cron.d/$app" +ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" +chown root: "$cron_path" +chmod 644 "$cron_path" + +exec_occ background:cron + +# ------- +# LOGROTATE +# ------- ynh_use_logrotate --non-append -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 +# ------- +# FAIL2BAN +# ------- # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading PHP-FPM..." --weight=2 - -ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload - #================================================= # END OF SCRIPT #=================================================